Prosím o kontrolu logu

[Lucienne]

Poslední dobou mi bezdůvodně jede CPU na 100% a když otevřu správce úloh, tak využití CPU spadne.

[Reklama]

[jaro3]

Vlož nový log z HJT

Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

[Lucienne]

----------------------------------------------------------------------------
CrystalDiskInfo 8.8.7 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19041] (x64)
Date : 2020/12/12 18:11:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) Chipset SATA/PCIe RST Premium Controller [SCSI]
- ADATA SSD DP900 512GB-DL3
- HL-DT-ST DVD+-RW GU90N
- Řadič prostorů úložišť [SCSI]
- BayHubTech/O2Micro Integrated MMC/SD controller [SCSI]

-- Disk List ---------------------------------------------------------------
(01) ADATA SSD DP900 512GB-DL3 : 512,1 GB [0/0/0, pd1] - sf

----------------------------------------------------------------------------
(01) ADATA SSD DP900 512GB-DL3
----------------------------------------------------------------------------
Model : ADATA SSD DP900 512GB-DL3
Firmware : 5.8.2
Serial Number : 7F2620010916
Disk Size : 512,1 GB (8,4/137,4/512,1/----)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1000215216
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 6169 hod.
Power On Count : 3394 krát
Host Reads : 17698 GB
Host Writes : 14934 GB
Temperature : 36 C (96 F)
Health Status : Dobrý (98 %)
Features : S.M.A.R.T., APM, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 _95 _95 _50 0000000A14A26E Raw Read Error Rate
05 100 100 __3 00000000000000 Retired Block Count
09 _93 _93 __0 01226400001819 Power-on Hours
0C _97 _97 __0 00000000000D42 Power Cycle Count
AB 100 100 __0 00000000000000 Program Fail Count
AC 100 100 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 00000000000032 Unexpected Power Loss Count
B1 __0 __0 __0 00000000000002 Wear Range Delta
B5 100 100 __0 00000000000000 Program Fail Count
B6 100 100 __0 00000000000000 Erase Fail Count
BB 100 100 __0 00000000000000 Reported Uncorrectable Errors
C2 _36 _54 __0 0000FA00360024 Temperature
C3 120 120 __0 0000000A14A26E On-the-Fly ECC Uncorrectable Error Count
C4 100 100 __3 00000000000000 Reallocation Event Count
C9 120 120 __0 0000000A14A26E Uncorrectable Soft Read Error Rate
CC 120 120 __0 0000000A14A26E Soft ECC Correction Rate
E6 100 100 __0 00000000000064 Life Curve Status
E7 _98 _98 _10 00000700000001 SSD Life Left
E9 __0 __0 __0 000000000035B8 Specifický pro výrobce
EA __0 __0 __0 00000000003A56 Specifický pro výrobce
F1 __0 __0 __0 00000000003A56 Lifetime Writes from Host
F2 __0 __0 __0 00000000004522 Lifetime Reads from Host

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF 738C 0010 0000 0000 003F 0000 0000 0000
010: 3746 3236 3230 3031 3039 3136 2020 2020 2020 2020
020: 0000 0000 0004 352E 382E 3220 2020 4144 4154 4120
030: 5353 4420 4450 3930 3020 3531 3247 422D 444C 3320
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4001 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0F08
070: 0000 0000 0000 0000 0000 001F 950E 0006 004C 004C
080: 01FC 0110 742B 7569 6163 7429 B449 6163 407F 0001
090: 0001 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 12B0 3B9E 0000 0000 0000 0001 4000 0000 5707 C180
110: 000F 836F 0000 0000 0000 0000 0000 0000 0000 405A
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0025 0000 0000 4000
210: 0000 0000 0100 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 12B0 3B9E 0000 0000 0002 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 38A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 5F 5F 6E A2 14 0A 00 00 00 05 33
010: 00 64 64 00 00 00 00 00 00 00 09 32 00 5D 5D 19
020: 18 00 00 64 22 01 0C 32 00 61 61 42 0D 00 00 00
030: 00 00 AB 0A 00 64 64 00 00 00 00 00 00 00 AC 32
040: 00 64 64 00 00 00 00 00 00 00 AE 30 00 00 00 32
050: 00 00 00 00 00 00 B1 00 00 00 00 02 00 00 00 00
060: 00 00 B5 0A 00 64 64 00 00 00 00 00 00 00 B6 32
070: 00 64 64 00 00 00 00 00 00 00 BB 12 00 64 64 00
080: 00 00 00 00 00 00 C2 22 00 24 36 24 00 36 00 FA
090: 00 00 C3 1C 00 78 78 6E A2 14 0A 00 00 00 C4 33
0A0: 00 64 64 00 00 00 00 00 00 00 C9 1C 00 78 78 6E
0B0: A2 14 0A 00 00 00 CC 1C 00 78 78 6E A2 14 0A 00
0C0: 00 00 E6 13 00 64 64 64 00 00 00 00 00 00 E7 13
0D0: 00 62 62 01 00 00 00 07 00 00 E9 32 00 00 00 B8
0E0: 35 00 00 00 00 00 EA 32 00 00 00 56 3A 00 00 00
0F0: 00 00 F1 32 00 00 00 56 3A 00 00 00 00 00 F2 32
100: 00 00 00 22 45 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 7D
170: 03 00 01 00 01 30 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3F

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 00 00 00 00 00 00 00 00 00 05 03
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00
040: 00 00 00 00 00 00 00 00 00 00 AE 00 00 00 00 00
050: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
060: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 B6 00
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C4 03
0A0: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00
0B0: 00 00 00 00 00 00 CC 00 00 00 00 00 00 00 00 00
0C0: 00 00 E6 00 00 00 00 00 00 00 00 00 00 00 E7 0A
0D0: 00 00 00 00 00 00 00 00 00 00 E9 00 00 00 00 00
0E0: 00 00 00 00 00 00 EA 00 00 00 00 00 00 00 00 00
0F0: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5C

[jaro3]

Vlož nový log z HJT

[Lucienne]

----------------------------------------------------------------------------
CrystalDiskInfo 8.8.7 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19041] (x64)
Date : 2020/12/12 18:26:55

-- Controller Map ----------------------------------------------------------
+ Intel(R) Chipset SATA/PCIe RST Premium Controller [SCSI]
- ADATA SSD DP900 512GB-DL3
- HL-DT-ST DVD+-RW GU90N
- Řadič prostorů úložišť [SCSI]
- BayHubTech/O2Micro Integrated MMC/SD controller [SCSI]

-- Disk List ---------------------------------------------------------------
(01) ADATA SSD DP900 512GB-DL3 : 512,1 GB [0/0/0, pd1] - sf

----------------------------------------------------------------------------
(01) ADATA SSD DP900 512GB-DL3
----------------------------------------------------------------------------
Model : ADATA SSD DP900 512GB-DL3
Firmware : 5.8.2
Serial Number : 7F2620010916
Disk Size : 512,1 GB (8,4/137,4/512,1/----)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1000215216
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 6169 hod.
Power On Count : 3394 krát
Host Reads : 17698 GB
Host Writes : 14934 GB
Temperature : 35 C (95 F)
Health Status : Dobrý (98 %)
Features : S.M.A.R.T., APM, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 _95 _95 _50 0000000A169A58 Raw Read Error Rate
05 100 100 __3 00000000000000 Retired Block Count
09 _93 _93 __0 0FD69C00001819 Power-on Hours
0C _97 _97 __0 00000000000D42 Power Cycle Count
AB 100 100 __0 00000000000000 Program Fail Count
AC 100 100 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 00000000000032 Unexpected Power Loss Count
B1 __0 __0 __0 00000000000002 Wear Range Delta
B5 100 100 __0 00000000000000 Program Fail Count
B6 100 100 __0 00000000000000 Erase Fail Count
BB 100 100 __0 00000000000000 Reported Uncorrectable Errors
C2 _35 _54 __0 0000FA00360023 Temperature
C3 120 120 __0 0000000A169A58 On-the-Fly ECC Uncorrectable Error Count
C4 100 100 __3 00000000000000 Reallocation Event Count
C9 120 120 __0 0000000A169A58 Uncorrectable Soft Read Error Rate
CC 120 120 __0 0000000A169A58 Soft ECC Correction Rate
E6 100 100 __0 00000000000064 Life Curve Status
E7 _98 _98 _10 00000700000001 SSD Life Left
E9 __0 __0 __0 000000000035B8 Specifický pro výrobce
EA __0 __0 __0 00000000003A56 Specifický pro výrobce
F1 __0 __0 __0 00000000003A56 Lifetime Writes from Host
F2 __0 __0 __0 00000000004522 Lifetime Reads from Host

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF 738C 0010 0000 0000 003F 0000 0000 0000
010: 3746 3236 3230 3031 3039 3136 2020 2020 2020 2020
020: 0000 0000 0004 352E 382E 3220 2020 4144 4154 4120
030: 5353 4420 4450 3930 3020 3531 3247 422D 444C 3320
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4001 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0F08
070: 0000 0000 0000 0000 0000 001F 950E 0006 004C 004C
080: 01FC 0110 742B 7569 6163 7429 B449 6163 407F 0001
090: 0001 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 12B0 3B9E 0000 0000 0000 0001 4000 0000 5707 C180
110: 000F 836F 0000 0000 0000 0000 0000 0000 0000 405A
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0025 0000 0000 4000
210: 0000 0000 0100 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 12B0 3B9E 0000 0000 0002 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 38A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 5F 5F 58 9A 16 0A 00 00 00 05 33
010: 00 64 64 00 00 00 00 00 00 00 09 32 00 5D 5D 19
020: 18 00 00 9C D6 0F 0C 32 00 61 61 42 0D 00 00 00
030: 00 00 AB 0A 00 64 64 00 00 00 00 00 00 00 AC 32
040: 00 64 64 00 00 00 00 00 00 00 AE 30 00 00 00 32
050: 00 00 00 00 00 00 B1 00 00 00 00 02 00 00 00 00
060: 00 00 B5 0A 00 64 64 00 00 00 00 00 00 00 B6 32
070: 00 64 64 00 00 00 00 00 00 00 BB 12 00 64 64 00
080: 00 00 00 00 00 00 C2 22 00 23 36 23 00 36 00 FA
090: 00 00 C3 1C 00 78 78 58 9A 16 0A 00 00 00 C4 33
0A0: 00 64 64 00 00 00 00 00 00 00 C9 1C 00 78 78 58
0B0: 9A 16 0A 00 00 00 CC 1C 00 78 78 58 9A 16 0A 00
0C0: 00 00 E6 13 00 64 64 64 00 00 00 00 00 00 E7 13
0D0: 00 62 62 01 00 00 00 07 00 00 E9 32 00 00 00 B8
0E0: 35 00 00 00 00 00 EA 32 00 00 00 56 3A 00 00 00
0F0: 00 00 F1 32 00 00 00 56 3A 00 00 00 00 00 F2 32
100: 00 00 00 22 45 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 02 00 00 00 00 7D
170: 03 00 01 00 01 30 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B7

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 00 00 00 00 00 00 00 00 00 05 03
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00
040: 00 00 00 00 00 00 00 00 00 00 AE 00 00 00 00 00
050: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
060: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 B6 00
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C4 03
0A0: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00
0B0: 00 00 00 00 00 00 CC 00 00 00 00 00 00 00 00 00
0C0: 00 00 E6 00 00 00 00 00 00 00 00 00 00 00 E7 0A
0D0: 00 00 00 00 00 00 00 00 00 00 E9 00 00 00 00 00
0E0: 00 00 00 00 00 00 EA 00 00 00 00 00 00 00 00 00
0F0: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5C

[jaro3]

Vlož nový log z HJT + informuj o problémech

[Lucienne]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by rluci (Administrator) on 12.12.2020 at 18:30:18,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.12.2020 at 18:31:32,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Lucienne]

Pořád běží CPU na 100%.

[jaro3]

Chtěl jsem log z hijackthis..

+
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Lucienne]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:44:30, on 12.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Users\rluci\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKLM\..\Run: [RazerCortex] "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Synapse3] "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized
O4 - HKCU\..\Run: [eM Client] "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @oem39.inf,%HidMonitor.SvcDisp%;AlpsAlpine HID Monitor Service (ApHidMonitorService) - ALPSALPINE Co., Ltd. - C:\Program Files\DellTPad\HidMonitorSvc.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Internet Security Protected Helper Service (CmdAgentProt) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_66d86 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @oem41.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Unknown owner - C:\WINDOWS\System32\iaStorAfsService.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\System32\drivers\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: Razer Synapse Service - Razer Inc. - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem41.inf,%RstMwService.Name%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11783 bytes

[Lucienne]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-12-2020
Ran by rluci (administrator) on DELL-LUCIE (Dell Inc. Latitude E6540) (12-12-2020 18:39:54)
Running from C:\Users\rluci\Downloads
Loaded Profiles: rluci
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(O2Micro -> BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2020-12-08] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [279016 2020-08-21] (eM Client, s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {084D296E-FBF7-4B34-836E-538A417998FF} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {1225C1BF-FD81-4D34-810E-2882CBC3F798} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {2297343D-EDBE-41D7-8574-168247484323} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1971311988-3073939653-1663255489-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-11] (Microsoft Windows -> )
Task: {2532FB05-BA64-4E0C-932C-9B89B60F7C72} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {409BDB57-89A1-4975-B248-E60A118163F0} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {42C3A2C5-9C20-45F2-A20E-43A1F5E2AF0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {485697A7-54A2-4F91-ACF7-FB058ABA9E1B} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {50444856-0DA4-4F57-9A94-C59455291A3C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {69D7E3BB-FD3A-48A7-A2E7-FEED41E37AE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F6EDE24-C1A9-490B-A1FF-269B1FC72239} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {70132EFD-A27C-4272-80F7-EADF4A846719} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {86A0FD34-0388-47E0-AD14-B3AD16499242} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F3B162A-C839-4F7E-A013-F0E4DB6C78B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {941904D8-AC2A-457A-991E-D313443FF720} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {9A892FD3-7DCF-4D5C-8106-4A16759E0CAB} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A23CA72B-E933-458C-A729-F146EB362748} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F045CF7A-1E03-4805-A348-396AAAF1A16C} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {FAE4C919-0474-4354-9FC7-090D4560F113} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.91.240.101 93.91.240.254
Tcpip\..\Interfaces\{1681909c-5916-4047-b1f3-c44a00cb325e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2e654747-7e1a-4ba7-8276-ec3f5159796a}: [DhcpNameServer] 93.91.240.101 93.91.240.254

Edge:
======
Edge DefaultProfile: Default

FireFox:
========
FF DefaultProfile: 4jdossrp.default-1581520171316
FF ProfilePath: C:\Users\rluci\AppData\Roaming\Mozilla\Firefox\Profiles\4jdossrp.default-1581520171316 [2020-12-12]
FF NewTab: Mozilla\Firefox\Profiles\4jdossrp.default-1581520171316 -> about:newtab
FF Extension: (uBlock Origin) - C:\Users\rluci\AppData\Roaming\Mozilla\Firefox\Profiles\4jdossrp.default-1581520171316\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20]
FF Extension: (Old Reddit Redirect) - C:\Users\rluci\AppData\Roaming\Mozilla\Firefox\Profiles\4jdossrp.default-1581520171316\Extensions\{9063c2e9-e07c-4c2c-9646-cfe7ca8d0498}.xpi [2020-05-04]
FF Extension: (Ecosia - The search engine that plants trees) - C:\Users\rluci\AppData\Roaming\Mozilla\Firefox\Profiles\4jdossrp.default-1581520171316\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2020-05-04]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-15] (Malwarebytes Inc -> Malwarebytes)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-21] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294640 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-12-08] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-10] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-12-12] (Adlice -> )
S3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [165392 2017-08-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-12 18:39 - 2020-12-12 18:40 - 000018045 _____ C:\Users\rluci\Downloads\FRST.txt
2020-12-12 18:39 - 2020-12-12 18:40 - 000000000 ____D C:\FRST
2020-12-12 18:39 - 2020-12-12 18:39 - 002289152 _____ (Farbar) C:\Users\rluci\Downloads\FRST64.exe
2020-12-12 18:31 - 2020-12-12 18:31 - 000000877 _____ C:\Users\rluci\Desktop\JRT.txt
2020-12-12 18:10 - 2020-12-12 18:10 - 000000000 ____D C:\Users\rluci\Desktop\Nová složka
2020-12-12 18:09 - 2020-12-12 18:09 - 006641065 _____ C:\Users\rluci\Downloads\CrystalDiskInfo8_8_7.zip
2020-12-12 17:40 - 2020-12-12 17:40 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-12 17:40 - 2020-12-12 17:40 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-12-12 17:39 - 2020-12-12 17:39 - 000056832 _____ C:\Users\rluci\Desktop\zoek-results.txt
2020-12-12 17:25 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-12-12 17:11 - 2020-12-12 17:23 - 000000000 ____D C:\zoek_backup
2020-12-12 17:09 - 2020-12-12 17:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-12 17:08 - 2020-12-12 17:08 - 000000000 ____D C:\WINDOWS\pss
2020-12-12 17:05 - 2020-12-12 17:05 - 000000182 _____ C:\Users\rluci\Desktop\zoek.txt
2020-12-12 17:02 - 2020-12-12 17:02 - 001800862 _____ C:\Users\rluci\Downloads\zoek1.rar
2020-12-12 17:02 - 2020-11-11 22:29 - 000000000 ____D C:\Users\rluci\Desktop\zoek1
2020-12-11 16:53 - 2020-12-11 16:53 - 001790024 _____ (Malwarebytes) C:\Users\rluci\Downloads\JRT.exe
2020-12-11 16:47 - 2020-12-11 16:47 - 000448512 _____ (OldTimer Tools) C:\Users\rluci\Downloads\TFC(1).exe
2020-12-11 16:46 - 2020-12-11 16:46 - 000050688 _____ (Atribune.org) C:\Users\rluci\Downloads\ATF-Cleaner(3).exe
2020-12-11 16:46 - 2020-12-11 16:46 - 000050688 _____ (Atribune.org) C:\Users\rluci\Downloads\ATF-Cleaner(2).exe
2020-12-11 15:55 - 2020-12-11 15:55 - 008447152 _____ (Malwarebytes) C:\Users\rluci\Downloads\adwcleaner_8.0.8.exe
2020-12-11 15:55 - 2020-12-11 15:55 - 000000000 ____D C:\AdwCleaner
2020-12-11 09:19 - 2020-12-11 09:19 - 002588891 _____ C:\Users\rluci\Downloads\ProcessExplorer.zip
2020-12-11 09:17 - 2020-12-11 09:17 - 000388608 _____ (Trend Micro Inc.) C:\Users\rluci\Downloads\HijackThis.exe
2020-12-11 09:04 - 2020-12-11 09:04 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 09:04 - 2020-12-11 09:04 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 09:04 - 2020-12-11 09:04 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 09:04 - 2020-12-11 09:04 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 09:04 - 2020-12-11 09:04 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 09:04 - 2020-12-11 09:04 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 09:03 - 2020-12-11 09:03 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 09:03 - 2020-12-11 09:03 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 09:03 - 2020-12-11 09:03 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 09:03 - 2020-12-11 09:03 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 09:03 - 2020-12-11 09:03 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 09:03 - 2020-12-11 09:03 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 09:03 - 2020-12-11 09:03 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 09:03 - 2020-12-11 09:03 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 09:03 - 2020-12-11 09:03 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 21:42 - 2020-12-10 21:42 - 000448512 _____ (OldTimer Tools) C:\Users\rluci\Downloads\TFC.exe
2020-12-10 21:42 - 2020-12-10 21:42 - 000050688 _____ (Atribune.org) C:\Users\rluci\Downloads\ATF-Cleaner(1).exe
2020-12-10 21:41 - 2020-12-10 21:42 - 000050688 _____ (Atribune.org) C:\Users\rluci\Downloads\ATF-Cleaner.exe
2020-12-10 21:34 - 2020-12-12 18:40 - 001116113 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-10 21:34 - 2020-12-12 17:44 - 000000000 ____D C:\Users\rluci\AppData\Local\AMSDK
2020-12-10 21:34 - 2020-12-10 21:34 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-10 21:34 - 2020-12-10 21:34 - 000003548 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-10 21:34 - 2020-12-10 21:34 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-10 21:34 - 2020-12-10 21:34 - 000000000 ____D C:\Users\rluci\AppData\Local\Zemana
2020-12-10 21:34 - 2020-12-10 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-10 21:34 - 2020-12-10 21:34 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-10 20:30 - 2020-12-10 20:30 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-12-10 20:30 - 2020-12-10 20:30 - 000000000 ____D C:\ProgramData\Sophos
2020-12-10 20:30 - 2020-12-10 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-10 20:30 - 2020-12-10 20:30 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-10 20:23 - 2020-12-10 20:29 - 206758184 _____ (Sophos Limited) C:\Users\rluci\Downloads\Sophos Virus Removal Tool.exe
2020-12-10 20:23 - 2020-12-10 20:23 - 012795472 _____ (Zemana Ltd. ) C:\Users\rluci\Downloads\AntiMalware_Setup.exe
2020-12-10 20:20 - 2020-12-10 20:20 - 000001543 _____ C:\DelFix.txt
2020-12-10 19:41 - 2020-12-10 19:41 - 040473968 _____ (Adlice Software ) C:\Users\rluci\Downloads\setup(1).exe
2020-12-05 18:58 - 2020-12-05 18:58 - 000000774 _____ C:\Users\rluci\OneDrive\Dokumenty\cc_20201205_185839.reg
2020-12-04 18:15 - 2020-12-04 18:15 - 000001080 _____ C:\Users\rluci\Desktop\OpenXcom.lnk
2020-12-04 18:15 - 2020-12-04 18:15 - 000000000 ____D C:\Users\rluci\OneDrive\Dokumenty\OpenXcom
2020-12-04 18:15 - 2020-12-04 18:15 - 000000000 ____D C:\Users\rluci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenXcom
2020-12-04 18:14 - 2020-12-04 18:15 - 000000000 ____D C:\Program Files (x86)\OpenXcom
2020-12-04 18:06 - 2020-12-04 18:06 - 004699161 _____ (OpenXcom Developers) C:\Users\rluci\Downloads\openxcom_git_master_2020_11_25_1755.exe
2020-12-04 09:42 - 2020-12-04 09:42 - 007801424 _____ (Tweaking.com) C:\Users\rluci\Downloads\tweaking.com_hardware_identify_setup.exe
2020-12-02 15:44 - 2020-12-02 15:44 - 000008296 _____ C:\Users\rluci\OneDrive\Dokumenty\cc_20201202_154426.reg
2020-11-23 22:48 - 2020-11-23 22:48 - 000002974 _____ C:\Users\rluci\OneDrive\Dokumenty\r.lucie@email.asc
2020-11-23 22:46 - 2020-12-09 11:32 - 000000000 ____D C:\Users\rluci\AppData\Roaming\eM Client
2020-11-23 22:46 - 2020-11-23 22:46 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2020-11-23 22:46 - 2020-11-23 22:46 - 000000000 ____D C:\Users\rluci\AppData\Local\eM Client
2020-11-23 22:46 - 2020-11-23 22:46 - 000000000 ____D C:\Program Files (x86)\eM Client
2020-11-23 22:44 - 2020-11-23 22:45 - 110907392 _____ C:\Users\rluci\Downloads\emclient-v8.0.3385.msi
2020-11-23 22:39 - 2020-11-23 22:39 - 000037888 _____ (Soeperman Enterprises Ltd.) C:\Users\rluci\Downloads\ADSSpy.exe
2020-11-23 22:38 - 2020-11-23 22:38 - 000755576 _____ (Sysinternals - http://www.sysinternals.com) C:\Users\rluci\Downloads\autoruns.exe
2020-11-22 15:01 - 2020-11-22 15:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-22 14:50 - 2020-11-26 13:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-20 12:58 - 2020-11-20 12:58 - 000206936 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2020-11-20 12:58 - 2020-11-20 12:58 - 000181848 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2020-11-18 09:50 - 2020-11-18 09:50 - 000000808 _____ C:\Users\rluci\OneDrive\Dokumenty\cc_20201118_095010.reg
2020-11-17 07:45 - 2020-11-17 07:45 - 000187544 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaBroadcastAPI64.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000164512 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaBroadcastManager64.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000153240 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaBroadcastAPI.dll
2020-11-17 07:45 - 2020-11-17 07:45 - 000134304 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaBroadcastManager.dll
2020-11-15 17:49 - 2020-11-15 17:49 - 000001252 _____ C:\Users\rluci\OneDrive\Dokumenty\cc_20201115_174944.reg
2020-11-15 10:47 - 2020-11-15 10:47 - 000006372 _____ C:\Users\rluci\OneDrive\Dokumenty\cc_20201115_104717.reg
2020-11-15 10:28 - 2020-11-15 10:29 - 040416160 _____ (Adlice Software ) C:\Users\rluci\Downloads\setup.exe
2020-11-15 10:27 - 2020-12-12 17:40 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-15 10:27 - 2020-11-15 10:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-15 10:26 - 2020-11-15 10:26 - 030469496 _____ (Piriform Software Ltd) C:\Users\rluci\Downloads\ccsetup574.exe
2020-11-14 11:30 - 2020-11-14 11:30 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-14 11:29 - 2020-11-14 11:29 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-13 10:41 - 2020-11-13 10:41 - 000000000 ____D C:\Users\rluci\AppData\Roaming\Teams

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-12 18:40 - 2019-04-11 18:17 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2020-12-12 18:40 - 2019-04-11 17:26 - 000000000 ____D C:\Users\rluci\AppData\LocalLow\Mozilla
2020-12-12 18:39 - 2019-04-11 18:45 - 000153432 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-12 18:33 - 2019-04-11 17:26 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-12 18:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-12 17:47 - 2020-08-23 08:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-12 17:47 - 2019-12-07 15:43 - 000717996 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-12 17:47 - 2019-12-07 15:43 - 000145138 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-12 17:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-12 17:44 - 2019-04-24 05:17 - 000000000 ____D C:\Users\rluci\AppData\Local\CrashDumps
2020-12-12 17:42 - 2019-04-11 17:56 - 000000000 ____D C:\Program Files\CCleaner
2020-12-12 17:40 - 2020-08-23 08:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-12 17:40 - 2020-08-23 08:22 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-12 17:40 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-12 17:40 - 2019-04-11 17:23 - 000000000 __SHD C:\Users\rluci\IntelGraphicsProfiles
2020-12-12 17:40 - 2019-04-11 17:17 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-12 16:35 - 2020-02-10 10:26 - 000000000 ____D C:\Users\rluci\OneDrive\Dokumenty\Stažené
2020-12-12 16:34 - 2019-04-11 17:24 - 000000000 ___RD C:\Users\rluci\OneDrive
2020-12-12 16:26 - 2020-08-23 08:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-12 14:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-12 10:54 - 2020-06-09 22:39 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 10:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-11 21:49 - 2020-08-23 08:35 - 000059084 ____H C:\Users\rluci\AppData\Local\IconCache.db.backup
2020-12-11 16:53 - 2020-10-25 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2020-12-11 09:12 - 2020-08-23 08:22 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 09:11 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-11 09:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-10 20:15 - 2020-08-23 08:29 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-10 20:13 - 2019-05-20 20:50 - 000000000 ____D C:\Users\rluci\AppData\Local\ElevatedDiagnostics
2020-12-10 19:42 - 2020-02-10 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-10 19:42 - 2020-02-10 14:37 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-10 11:44 - 2019-05-13 19:10 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-30 08:30 - 2020-08-23 08:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 08:30 - 2020-08-23 08:29 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-27 21:10 - 2020-10-25 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-11-27 21:07 - 2019-04-11 18:17 - 000002138 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
2020-11-27 21:05 - 2020-10-25 13:28 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-11-27 21:02 - 2020-08-23 08:29 - 000003216 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-11-27 15:17 - 2019-05-20 22:30 - 000000000 ____D C:\Program Files (x86)\Steam
2020-11-26 18:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-26 18:26 - 2019-04-11 17:17 - 000000000 ____D C:\Intel
2020-11-26 13:36 - 2019-04-11 17:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-25 15:20 - 2020-08-23 08:29 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-23 18:29 - 2020-03-09 19:48 - 000000000 ____D C:\Users\rluci\OneDrive\Dokumenty\Soubory aplikace Outlook
2020-11-23 08:20 - 2020-03-25 10:56 - 000002368 _____ C:\Users\rluci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-11-23 08:20 - 2020-03-25 10:56 - 000002360 _____ C:\Users\rluci\Desktop\Microsoft Teams.lnk
2020-11-22 17:01 - 2020-03-17 09:08 - 000000000 ___RD C:\Users\rluci\Desktop\ŠV
2020-11-22 15:01 - 2019-04-11 17:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-20 08:28 - 2020-10-25 13:22 - 000000000 ____D C:\Program Files (x86)\Razer
2020-11-19 18:08 - 2019-05-16 23:34 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-15 19:57 - 2019-09-15 09:56 - 000000000 ____D C:\Users\rluci\AppData\Local\D3DSCache
2020-11-15 19:49 - 2020-02-10 10:39 - 000000000 ___RD C:\Users\rluci\Downloads\Fotky
2020-11-15 19:47 - 2019-11-29 09:33 - 000000000 ___RD C:\Users\rluci\Dropbox
2020-11-15 17:24 - 2019-04-11 20:48 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-15 17:24 - 2019-04-11 20:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-15 17:17 - 2020-03-20 11:35 - 000000000 ____D C:\Users\rluci\OneDrive\Dokumenty\Meme
2020-11-15 10:27 - 2020-07-24 12:24 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-15 10:27 - 2020-02-10 14:49 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-15 10:27 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-15 10:27 - 2019-04-11 17:56 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-15 10:26 - 2020-02-10 14:49 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-15 05:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-15 05:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-15 05:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-15 05:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-15 05:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-15 05:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-14 11:29 - 2020-08-23 08:23 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Lucienne]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-12-2020
Ran by rluci (12-12-2020 18:42:46)
Running from C:\Users\rluci\Downloads
Windows 10 Pro Version 2004 19041.685 (X64) (2020-08-23 07:29:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1971311988-3073939653-1663255489-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1971311988-3073939653-1663255489-503 - Limited - Disabled)
Guest (S-1-5-21-1971311988-3073939653-1663255489-501 - Limited - Disabled)
rluci (S-1-5-21-1971311988-3073939653-1663255489-1001 - Administrator - Enabled) => C:\Users\rluci
WDAGUtilityAccount (S-1-5-21-1971311988-3073939653-1663255489-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
COMODO Antivirus (HKLM\...\{693F782C-8D75-4029-B003-BBA5AF2C0726}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
eM Client (HKLM-x32\...\{3D529DE7-1FC9-4225-B21F-754706DDEBEE}) (Version: 8.0.3385.0 - eM Client Inc.)
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OpenXcom 1.0 (HKLM-x32\...\OpenXcom) (Version: 1.0.0.0 - OpenXcom Developers)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.12.1002.1309 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
RogueKiller version 14.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
App for Instagram: View, Upload Photo -> C:\Program Files\WindowsApps\57868Codaapp.UploadforInstagram_1.2.2.0_x64__4bn2s5v6tep1y [2019-08-30] (Codaapp)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-27] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1910.3.0_x86__kgqvnymyfvs32 [2020-12-04] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_10.0.5.0_x86__m9bz608c1b9ra [2020-11-09] (Nordcurrent)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1535.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0 [2020-11-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1971311988-3073939653-1663255489-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\rluci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-29 03:26 - 2020-10-29 03:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2019-04-11 18:42 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1971311988-3073939653-1663255489-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1971311988-3073939653-1663255489-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-04-11 18:07 - 2020-12-12 17:12 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rluci\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 93.91.240.101 - 93.91.240.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\StartupApproved\Run: => "eM Client"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5B2F03ED-62AD-47AC-9C9C-B32F4FE0D116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kami\Spiritfarer.exe () [File not signed]
FirewallRules: [{E23A1273-BE14-4B57-94F5-5409B80BF3C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kami\Spiritfarer.exe () [File not signed]
FirewallRules: [{6116C299-C94C-4060-8213-2806EE5CC62E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{691C6F91-6721-451A-B09A-99BF95E927E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{0F7C9696-7364-4BAE-8345-2E7737A1F50F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{C1BC2490-9464-4180-9CD8-E18801FA3812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{B7A18145-B87A-4D50-AD48-6E9A6965B8E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{3475F50F-4AD7-44D7-850F-593D715B15B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{342B8EDF-2517-4E57-96C4-972B1EE4614B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{395C6387-D87F-4070-BDEA-659C7B791845}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{713D6E70-B063-4B8D-A3D6-B1D860FCB12C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{CABF6577-46CF-4B89-86D0-3ABF533592B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B05FBFD1-9A50-4CD7-9C83-C7F7BB36CB57}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{0636400F-AF0F-4F99-BCE1-86EDFE884FF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{C0CE41A3-689C-40D0-992C-224E5207F230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{E7DFD056-72EE-4B68-B122-08CD107C1350}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D9AA632B-9AAB-4DFF-BA42-989FDDFD1273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CF874547-C94E-46CE-901A-5F7BF9B74756}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{CB78EB95-03F4-4D04-8DA1-5344F677508F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{9A519F14-BF3D-43B3-9269-1FF1A9ADC857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{3AFE551E-6CBF-435A-88F5-7722B7364F21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{A6B574D4-DA72-47CD-BBAA-69269F3AA7DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F6BE0329-945C-4D40-8C79-2F572BE485E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1423F01A-263B-4BFE-BED8-B7D89C455483}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96DB7A3B-102B-4453-9916-44CF34505D0C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6FA628E-D0DE-466E-8F1A-668F8458F76E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{219DB366-CC97-4DD1-B744-C5B9B09FC061}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3572A214-BE5F-46D7-89B9-21185C583299}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{51256812-D40D-4B03-A6AF-2B59D3F8F621}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{327194FA-DC6D-442B-AA41-D6FB047B8AA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6EDAC312-4CA5-49F6-946B-8C04B77EF0B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6228AE5D-DAED-47A9-BC22-FEB9740166F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5AE7F16B-927D-476F-957C-716AA2750A13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1B34ECA-562E-4215-A98D-2642C442DD0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64220E73-1A09-4F49-A17D-560A27F3A0D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{EDC0FD19-C341-484B-AEE6-3AD9529EF329}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{82B4CE09-6EF9-4C6C-BBB9-C6140D304224}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F512203D-7B6C-4800-B40D-F36824C44601}C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4EF44DE5-D334-46A9-8DA5-ABAF5F69BBD4}C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA53684E-C80B-4BDA-BAA3-1DF387ED54CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09793FCC-289A-4B9D-8445-1857026EE081}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0E192F3-50EA-4D98-A75F-3CF5383918B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E7390E2-85F3-4252-AB82-BFBB59C95F08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A942CC4-6F07-4693-A438-BB696AB8E56A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E982A18-6C66-4E0B-AE87-42A491D31786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02732587-3EDE-455C-9F82-8667CE9E5967}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAA7477E-FA9E-41FE-BB70-CB83555367DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D3F4597-937E-4B02-BFAE-CCBCB5025CDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5C807B5-272D-44E5-ADB4-D8E7436D27FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{694EE39C-D2DE-4EB8-BAF6-90F137971B94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{596C6977-5870-4E93-90FB-38841AF26C2B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

10-12-2020 20:20:06 End of disinfection
11-12-2020 16:55:20 JRT Pre-Junkware Removal
12-12-2020 18:30:19 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/12/2020 05:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AntiMalware.exe, verze: 3.2.27.0, časové razítko: 0x5f21537e
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6ac3
ID chybujícího procesu: 0x2874
Čas spuštění chybující aplikace: 0x01d6d0a5e124dccc
Cesta k chybující aplikaci: C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d8393f23-5345-49c7-a3c7-5f80dfb523ae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2020 05:40:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.662, časové razítko: 0x996782f8
Název chybujícího modulu: Explorer.EXE, verze: 10.0.19041.662, časové razítko: 0x996782f8
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001a830b
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d6d0a587bf080c
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\Explorer.EXE
ID zprávy: 8c521d8e-b544-4ae5-b196-b65fee570504
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2020 05:12:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x924
Čas spuštění chybující aplikace: 0x01d6d0a190f4af94
Cesta k chybující aplikaci: C:\Users\rluci\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 902d5e93-221a-43b4-8a61-075cfdf3f954
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2020 05:12:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

Error: (12/12/2020 05:12:18 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\wbem\wmiprvse.exe; Popis = zoek.exe restore point; Chyba = 0x8007043c).

Error: (12/12/2020 05:08:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/12/2020 10:56:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/11/2020 04:59:00 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-LUCIE)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.


System errors:
=============
Error: (12/12/2020 05:40:01 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/12/2020 05:40:01 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}

Error: (12/12/2020 05:40:01 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/12/2020 05:40:00 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby netprofm s argumenty Není k dispozici za účelem spuštění serveru:
{A47979D2-C419-11D9-A5B4-001185AD2B89}


Windows Defender:
===================================
Date: 2020-11-19 17:58:23.1810000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-11-19 17:58:23.1800000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-11-19 17:58:23.1800000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-11-19 17:58:23.1710000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-11-19 17:58:23.1710000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2020-12-12 18:30:46.7420000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 18:30:46.6960000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 18:30:41.1990000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 18:22:45.1180000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 18:09:41.6760000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 17:55:33.8320000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 17:44:01.0890000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-12 17:42:43.8800000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Dell Inc. A24 02/01/2018
Motherboard: Dell Inc. 0PXPYJ
Processor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Percentage of memory in use: 46%
Total physical RAM: 8097.09 MB
Available physical RAM: 4330.71 MB
Total Virtual: 10145.09 MB
Available Virtual: 6096.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.32 GB) (Free:354 GB) NTFS

\\?\Volume{8b58cccd-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{8b58cccd-0000-0000-0000-801a77000000}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 8B58CCCD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=535 MB) - (Type=27)

==================== End of Addition.txt =======================